Ping a Specific Port

Question

Aldebaran

Asked: 2011-08-10 08:39:18 +0800 CST2011-08-10 08:39:18 +0800 CST 2011-08-10 08:39:18 +0800 CST

Enforce sshd key algorithm

772

In ssh_config I have the HostKeyAlgorithms parameter where I can enforce the use of DSS algorithm for the key, like:

HostKeyAlgorithms "ssh-dss"

How can I do this in sshd_config (daemon config) in order to enforce that all connections incoming should use the ssh-dss instead of ssh-rsa ?

2 Answers

Voted

Hubert Kario · Answer 1 · 2011-08-10T09:16:11+08:00

Best Answer

Hubert Kario

2011-08-10T09:16:11+08:002011-08-10T09:16:11+08:00

remove

HostKey /etc/ssh/ssh_host_rsa_key

from sshd_config.

I have to note that using 1024 bit keys with either RSA or DSA is no longer considered secure and standard DSA limits key size to 1024 bits (though OpenSSH can generate DSA keys up to 2048bits)

2

bgtvfr · Answer 2 · 2017-11-14T07:41:22+08:00

bgtvfr

2017-11-14T07:41:22+08:002017-11-14T07:41:22+08:00

"OpenSSH 7.0 and greater similarly disable the ssh-dss (DSA) public key algorithm. It too is weak and we recommend against its use."

Source : https://www.openssh.com/legacy.html

0

Enforce sshd key algorithm

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?